detect: track direction and ipproto of sgh

Each SGH has a unique ipproto and direction.

src/detect-engine-siggroup.c

@@ -1142,6 +1142,15 @@ void SigGroupHeadSetSigCnt(SigGroupHead *sgh, uint32_t max_idx)
     return;
 }
 
+void SigGroupHeadSetProtoAndDirection(SigGroupHead *sgh,
+                                      uint8_t ipproto, uint8_t dir)
+{
+    if (sgh && sgh->init) {
+        sgh->init->protos[ipproto] = 1;
+        sgh->init->direction = dir;
+    }
+}
+
 /**
  * \brief Prints the memory statistics for the detect-engine-siggroup.[ch] module.
  */

src/detect-engine-siggroup.h

@@ -73,6 +73,8 @@ int SigGroupHeadSPortHashRemove(DetectEngineCtx *, SigGroupHead *);
 
 void SigGroupHeadInitDataFree(SigGroupHeadInitData *sghid);
 void SigGroupHeadSetSigCnt(SigGroupHead *sgh, uint32_t max_idx);
+void SigGroupHeadSetProtoAndDirection(SigGroupHead *sgh,
+                                      uint8_t ipproto, uint8_t dir);
 int SigGroupHeadBuildMatchArray (DetectEngineCtx *de_ctx, SigGroupHead *sgh,
                                  uint32_t max_idx);
 void SigGroupHeadFreeSigArrays(DetectEngineCtx *de_ctx);

src/detect.c

@@ -3728,6 +3728,7 @@ int BuildDestinationAddressHeads(DetectEngineCtx *de_ctx,
             if (sgh == NULL) {
                 /* put the contents in our sig group head */
                 SigGroupHeadSetSigCnt(sgr->sh, max_idx);
+                SigGroupHeadSetProtoAndDirection(sgr->sh, ipproto, flow);
                 SigGroupHeadBuildMatchArray(de_ctx, sgr->sh, max_idx);
                 SigGroupHeadHashAdd(de_ctx, sgr->sh);
                 SigGroupHeadStore(de_ctx, sgr->sh);
@@ -3957,6 +3958,7 @@ int BuildDestinationAddressHeadsWithBothPorts(DetectEngineCtx *de_ctx,
                                 SCLogDebug("dp %p dp->sh %p is the original (sp %p, dst_gr %p, src_gr %p)", dp, dp->sh, sp, dst_gr, src_gr);
 
                                 SigGroupHeadSetSigCnt(dp->sh, max_idx);
+                                SigGroupHeadSetProtoAndDirection(dp->sh, ipproto, flow);
                                 SigGroupHeadBuildMatchArray(de_ctx,dp->sh, max_idx);
                                 SigGroupHeadDPortHashAdd(de_ctx, dp->sh);
                                 SigGroupHeadStore(de_ctx, dp->sh);

src/detect.h

@@ -983,6 +983,9 @@ typedef struct SigGroupHeadInitData_ {
     uint8_t *sig_array; /**< bit array of sig nums (internal id's) */
     uint32_t sig_size; /**< size in bytes */
 
+    uint8_t protos[256];
+    uint8_t direction;
+
     /* port ptr */
     struct DetectPort_ *port;
 } SigGroupHeadInitData;